Proszę o sprawdzenie logów z Combo i Hjt

Bufeer · 22 Listopad 2008 21:20

ComboFix 08-11-22.01 - Sebastian 2008-11-22 20:58:47.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1045.18.414 [GMT 1:00]

Uruchomiony z: c:\wersje instalacyjne\ComboFix.exe

* Utworzono nowy punkt przywracania

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

d:\windows\system32\AutoRun.inf

.

((((((((((((((((((((((((( Pliki utworzone od 2008-10-22 do 2008-11-22 )))))))))))))))))))))))))))))))

.

2008-11-22 19:11 . 2008-11-22 19:17

2008-11-22 19:02 . 2008-11-22 19:03

2008-11-22 19:00 . 2008-11-22 19:00

2008-11-22 00:52 . 2008-11-22 20:59

2008-11-22 00:52 . 2008-10-07 21:31

2008-11-22 00:52 . 2008-10-07 20:37

2008-11-22 00:52 . 2008-10-07 21:31

2008-11-22 00:52 . 2008-11-22 00:52

2008-11-22 00:32 . 2008-11-22 00:32

2008-11-22 00:27 . 2008-11-22 00:27

2008-11-22 00:27 . 2008-11-22 18:50

2008-11-22 00:27 . 2008-08-25 12:36 81,288 --a------ d:\windows\system32\drivers\iksyssec.sys

2008-11-22 00:27 . 2008-08-25 12:36 66,952 --a------ d:\windows\system32\drivers\iksysflt.sys

2008-11-22 00:27 . 2008-08-25 12:36 40,840 --a------ d:\windows\system32\drivers\ikfilesec.sys

2008-11-22 00:27 . 2008-06-02 16:19 29,576 --a------ d:\windows\system32\drivers\kcom.sys

2008-11-21 22:42 . 2008-11-21 22:42

2008-11-21 22:17 . 2008-04-14 21:51 221,184 --a------ d:\windows\system32\wmpns.dll

2008-11-21 16:16 . 2008-11-21 16:16 20,264 --a------ d:\documents and settings\Sebastian\Dane aplikacji\GDIPFONTCACHEV1.DAT

2008-11-19 16:18 . 2008-11-19 16:18

2008-11-12 09:45 . 2008-09-04 18:17 1,106,944 -----c— d:\windows\system32\dllcache\msxml3.dll

2008-11-12 09:45 . 2008-10-24 12:21 455,296 -----c— d:\windows\system32\dllcache\mrxsmb.sys

2008-11-06 14:25 . 2008-11-06 14:25

2008-11-06 10:11 . 2008-11-07 08:23 32 --a------ d:\windows\CD_Start.INI

2008-10-30 21:18 . 2008-10-30 21:18

2008-10-30 19:37 . 2008-10-30 19:37

2008-10-30 19:36 . 2008-10-30 19:36

2008-10-30 19:36 . 2008-10-30 19:36 410,976 --a------ d:\windows\system32\deploytk.dll

2008-10-30 19:36 . 2008-10-30 19:36 73,728 --a------ d:\windows\system32\javacpl.cpl

2008-10-27 20:55 . 2008-11-13 22:09 1,393 --a------ d:\windows\imsins.BAK

2008-10-27 12:07 . 2008-10-27 12:07 16,644 --ah----- d:\windows\system32\mlfcache.dat

2008-10-24 04:55 . 2008-10-15 17:36 337,408 -----c— d:\windows\system32\dllcache\netapi32.dll

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-11-22 17:44 --------- d-----w d:\documents and settings\All Users\Dane aplikacji\Google Updater

2008-11-20 19:03 1,315,776 ----a-w d:\windows\system32\drivers\athw.sys

2008-10-27 20:12 --------- d-----w d:\documents and settings\Sebastian\Dane aplikacji\AVG7

2008-10-24 11:21 455,296 ----a-w d:\windows\system32\drivers\mrxsmb.sys

2008-10-20 20:19 --------- d-----w d:\program files\ffdshow

2008-10-20 20:06 --------- d-----w d:\documents and settings\Sebastian\Dane aplikacji\BESTplayer

2008-10-18 07:26 --------- d-----w d:\program files\Common Files\Adobe

2008-10-18 06:07 --------- d-----w d:\program files\F-Secure Internet Security

2008-10-18 06:06 --------- d-----w d:\program files\Alwil Software

2008-10-18 06:04 --------- d-----w d:\documents and settings\All Users\Dane aplikacji\f-secure

2008-10-17 17:10 7,680 ----a-w d:\windows\system32\ff_vfw.dll

2008-10-16 17:41 --------- d-----w d:\program files\Picasa2

2008-10-16 17:39 --------- d-----w d:\program files\Google

2008-10-16 12:16 --------- d–h--w d:\program files\InstallShield Installation Information

2008-10-16 11:47 5,632 ----a-w d:\windows\system32\drivers\ATKACPI.sys

2008-10-16 10:03 --------- d-----w d:\documents and settings\All Users\Dane aplikacji\fssg

2008-10-16 10:00 --------- d-----w d:\documents and settings\All Users\Dane aplikacji\avg7

2008-10-16 08:54 --------- d-----w d:\documents and settings\All Users\Dane aplikacji\Avira

2008-10-16 08:08 --------- d-----w d:\documents and settings\Sebastian\Dane aplikacji\HPAppData

2008-10-16 07:57 348,160 ----a-w d:\windows\system32\msvcr71.dll

2008-10-16 07:57 --------- d-----w d:\documents and settings\LocalService\Dane aplikacji\AVG7

2008-10-16 06:42 --------- d-----w d:\documents and settings\Sebastian\Dane aplikacji\Ahead

2008-10-16 06:42 --------- d-----w d:\documents and settings\All Users\Dane aplikacji\LightScribe

2008-10-16 06:37 --------- d-----w d:\program files\Common Files\LightScribe

2008-10-16 06:36 --------- d-----w d:\program files\Common Files\Ahead

2008-10-16 06:35 --------- d-----w d:\program files\Nero

2008-10-16 06:35 --------- d-----w d:\documents and settings\All Users\Dane aplikacji\Nero

2008-10-15 18:14 --------- d-----w d:\documents and settings\Sebastian\Dane aplikacji\HP

2008-10-15 18:05 --------- d-----w d:\documents and settings\All Users\Dane aplikacji\WEBREG

2008-10-15 18:01 --------- d-----w d:\program files\HP

2008-10-15 18:01 --------- d-----w d:\documents and settings\All Users\Dane aplikacji\HP Product Assistant

2008-10-15 18:01 --------- d-----w d:\documents and settings\All Users\Dane aplikacji\HP

2008-10-15 18:00 --------- d-----w d:\program files\Common Files\HP

2008-10-15 17:56 --------- d-----w d:\documents and settings\All Users\Dane aplikacji\Hewlett-Packard

2008-10-14 15:00 --------- d-----w d:\program files\Synaptics

2008-10-14 14:08 --------- d-----w d:\program files\Toshiba

2008-10-14 14:04 --------- d-----w d:\program files\Motorola

2008-10-14 13:59 --------- d-----w d:\documents and settings\All Users\Dane aplikacji\ATI

2008-10-14 13:55 --------- d-----w d:\program files\ATI Technologies

2008-10-08 13:30 --------- d-----w d:\program files\Common Files\InstallShield

2008-10-08 13:20 --------- d-----w d:\program files\Realtek

2008-10-07 19:41 --------- d-----w d:\program files\microsoft frontpage

2008-10-07 19:37 --------- d-----w d:\program files\Usługi online

2008-09-30 15:43 1,286,152 ----a-w d:\windows\system32\msxml4.dll

2008-09-15 15:27 1,846,656 ----a-w d:\windows\system32\win32k.sys

2008-09-10 01:15 1,307,648 ------w d:\windows\system32\msxml6.dll

2008-09-04 17:17 1,106,944 ----a-w d:\windows\system32\msxml3.dll

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“TV Watcher”=“c:\użytki\Akcesoria\TV Watcher\TV Watcher.exe” [2007-10-14 1210368]

“Odkurzacz-MCD”=“c:\użytki\Systemowe\Odkurzacz\odk_mcd.exe” [2008-08-16 264704]

“ctfmon.exe”=“d:\windows\system32\ctfmon.exe” [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“StartCCC”=“d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” [2006-11-10 90112]

“SMSERIAL”=“d:\program files\Motorola\SMSERIAL\sm56hlpr.exe” [2006-08-07 573440]

“SynTPEnh”=“d:\program files\Synaptics\SynTP\SynTPEnh.exe” [2006-05-25 786521]

“HP Software Update”=“d:\program files\HP\HP Software Update\HPWuSchd2.exe” [2007-03-11 49152]

“NeroFilterCheck”=“d:\program files\Common Files\Ahead\Lib\NeroCheck.exe” [2007-03-01 153136]

“SecurDisc”=“d:\program files\Nero\Nero 7\InCD\NBHGui.exe” [2007-06-01 1629744]

“InCD”=“d:\program files\Nero\Nero 7\InCD\InCD.exe” [2007-06-01 1057328]

“HControl”=“d:\windows\ATK0100\HControl.exe” [2008-10-16 110592]

“avast!”=“d:\progra~1\ALWILS~1\Avast4\ashDisp.exe” [2008-07-19 78008]

“Adobe Reader Speed Launcher”=“d:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe” [2008-01-11 39792]

“SunJavaUpdateSched”=“d:\program files\Java\jre6\bin\jusched.exe” [2008-10-30 136600]

“ISTray”=“c:\użytki\Systemowe\Spyware Doctor\pctsTray.exe” [2008-08-25 1168264]

“SkyTel”=“SkyTel.EXE” [2006-05-16 d:\windows\SkyTel.exe]

“RTHDCPL”=“RTHDCPL.EXE” [2006-10-30 d:\windows\RTHDCPL.exe]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

“CTFMON.EXE”=“d:\windows\System32\CTFMON.EXE” [2008-04-14 15360]

d:\documents and settings\Sebastian\Menu Start\Programy\Autostart\

PopTray.lnk - c:\uľytki\Akcesoria\PopTray.exe [2006-09-16 1666048]

d:\documents and settings\All Users\Menu Start\Programy\Autostart\

Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2006-05-24 49152]

HP Digital Imaging Monitor.lnk - d:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 210520]

Microsoft Office.lnk - d:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

“%windir%\Network Diagnostic\xpnetdiag.exe”=

“%windir%\system32\sessmgr.exe”=

“c:\Użytki\Internetowe\Ares\Ares.exe”=

“d:\Program Files\Messenger\msmsgs.exe”=

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

“8461:TCP”= 8461:TCP:GoD High Port

“8462:TCP”= 8462:TCP:GoD Low Port

R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [2008-10-18 78416]

R2 aswFsBlk;aswFsBlk;d:\windows\system32\DRIVERS\aswFsBlk.sys [2008-10-18 20560]

R3 ASNDIS5;ASNDIS5 Protocol Driver;??\d:\windows\ATK0100\ASNDIS5.SYS [2004-05-28 16269]

R3 WSIMD;wsimd Service;d:\windows\system32\DRIVERS\wsimd.sys [2008-10-08 54432]

S3 UXDCMN;UXDCMN;??\e:\winstress\UXDCMN.SYS []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{f3096ae2-ab6c-11dd-9182-0015af41e7d0}]

\Shell\AutoRun\command - F:\b.com

\Shell\explore\Command - F:\b.com

\Shell\open\Command - F:\b.com

*Newly Created Service* - AAWSERVICE

*Newly Created Service* - PROCEXP90

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

“d:\program files\Common Files\LightScribe\LSRunOnce.exe”

.

- - - USUNIĘTO PUSTE WPISY - - - -

URLSearchHooks-{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://onet.pl/

IE: E&ksport do programu Microsoft Excel - d:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000

TCP: {1BC5A417-F485-495E-8239-8D8918B6C913} = 194.63.132.4,194.63.133.4

d:\windows\system32\SkanerOnlineUninstall.exe - d:\windows\system32\SkanerOnline.dll

O16 -: {68282C51-9459-467B-95BF-3C0E89627E55}

hxxp://www.mks.com.pl/skaner/SkanerOnline.cab

d:\windows\Downloaded Program Files\SkanerOnline.inf

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-11-22 20:59:49

Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów …

skanowanie ukrytych wpisów autostartu …

skanowanie ukrytych plików …

skanowanie pomyślnie ukończone

ukryte pliki: 0

**************************************************************************

.

Czas ukończenia: 2008-11-22 21:00:33

ComboFix-quarantined-files.txt 2008-11-22 20:00:17

Przed: 24 355 717 120 bajtów wolnych

Po: 24,427,708,416 bajtów wolnych

WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT=“Microsoft Windows Recovery Console” /cmdcons

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS=“Microsoft Windows XP Home Edition” /fastdetect /NoExecute=OptIn

188 — E O F — 2008-11-13 21:31:43

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:05:34, on 2008-11-22

Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\System32\Ati2evxx.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

D:\Program Files\Alwil Software\Avast4\ashServ.exe

D:\WINDOWS\RTHDCPL.EXE

D:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

D:\Program Files\Synaptics\SynTP\SynTPEnh.exe

D:\Program Files\HP\HP Software Update\HPWuSchd2.exe

D:\Program Files\Nero\Nero 7\InCD\NBHGui.exe

D:\Program Files\Nero\Nero 7\InCD\InCD.exe

D:\WINDOWS\ATK0100\HControl.exe

D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

D:\WINDOWS\system32\spoolsv.exe

D:\Program Files\Java\jre6\bin\jusched.exe

C:\Użytki\Systemowe\Spyware Doctor\pctsTray.exe

D:\WINDOWS\system32\ctfmon.exe

D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

D:\WINDOWS\system32\svchost.exe

D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe

D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

D:\Program Files\Java\jre6\bin\jqs.exe

D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

D:\Program Files\Common Files\LightScribe\LSSrvc.exe

D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\Użytki\Systemowe\Spyware Doctor\pctsAuxs.exe

C:\Użytki\Systemowe\Spyware Doctor\pctsSvc.exe

D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

D:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe

D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

D:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe

D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

D:\Program Files\Alwil Software\Avast4\ashWebSv.exe

D:\WINDOWS\ATK0100\ATKOSD.exe

D:\WINDOWS\System32\svchost.exe

D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Użytki\Systemowe\Ad-Adware\aawservice.exe

D:\WINDOWS\system32\imapi.exe

D:\WINDOWS\explorer.exe

C:\Użytki\Systemowe\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://onet.pl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - D:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - D:\Program Files\HP\Smart Web Printing\hpswp_framework.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll

O4 - HKLM…\Run: [skyTel] SkyTel.EXE

O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM…\Run: [startCCC] D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKLM…\Run: [sMSERIAL] D:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

O4 - HKLM…\Run: [synTPEnh] D:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM…\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM…\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM…\Run: [securDisc] D:\Program Files\Nero\Nero 7\InCD\NBHGui.exe

O4 - HKLM…\Run: [inCD] D:\Program Files\Nero\Nero 7\InCD\InCD.exe

O4 - HKLM…\Run: [HControl] D:\WINDOWS\ATK0100\HControl.exe

O4 - HKLM…\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”

O4 - HKLM…\Run: [sunJavaUpdateSched] “D:\Program Files\Java\jre6\bin\jusched.exe”

O4 - HKLM…\Run: [iSTray] “C:\Użytki\Systemowe\Spyware Doctor\pctsTray.exe”

O4 - HKCU…\Run: [TV Watcher] “C:\Użytki\Akcesoria\TV Watcher\TV Watcher.exe” /a

O4 - HKCU…\Run: [Odkurzacz-MCD] C:\Użytki\Systemowe\Odkurzacz\odk_mcd.exe

O4 - HKCU…\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)

O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)

O4 - Startup: PopTray.lnk = ?

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - D:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll

O9 - Extra button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - D:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virus … nicode.cab

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/ … leId=24931

O17 - HKLM\System\CCS\Services\Tcpip…{1BC5A417-F485-495E-8239-8D8918B6C913}: NameServer = 194.63.132.4,194.63.133.4

O17 - HKLM\System\CS1\Services\Tcpip…{1BC5A417-F485-495E-8239-8D8918B6C913}: NameServer = 194.63.132.4,194.63.133.4

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Użytki\Systemowe\Ad-Adware\aawservice.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - D:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Użytki\Systemowe\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Użytki\Systemowe\Spyware Doctor\pctsSvc.exe

–

End of file - 8901 bytes

Gutek · 22 Listopad 2008 22:39

Zastosuj się do tego Tematu i zmień tytuł tematu na konkretny inaczej KOSZ

Pozdrawiam Gutek2222

Zmiana zasad wklejania logów na forum - viewtopic.php?f=16&t=253052

Wklej do Notatnika:

Driver::

UXDCMN


Registry::

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

>>Plik>>Zapisz jako… >>> CFScript (najwygodniej będzie, jeśli zapiszesz w takiej lokalizacji, by ikonka CFScript.txt znalazła się obok ikonki ComboFix.exe ) Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe (czyli ikonkę CFScript.txt na ikonkę ComboFix.exe ) – podobnie jak na tym obrazku –>